 |
|
|
Service Level Agreement
This Service Level Agreement ("SLA") describes certain
performance and security components regarding the
service provided by ASP-One. This Service Level
Agreement (SLA) applies to you ("Customer") if you have
ordered any of the Windows Server 2003 and Windows 2000
based hosting services from ASP-One (the "Services") and
your account is current (i.e., not past due) with
ASP-One.
This SLA is governed by the ASP-ONE End User Agreements
and complemented by ASP-ONE's Privacy Policy, the
collection of which are designed to protect the privacy,
security and best interests of ASP-ONE's customers.
ASP-ONE agrees to abide by the terms of this SLA, and
requires its customers to do likewise. ASP-ONE shall use
commercial best effort to provide continuous and
consistent service with respect to this SLA. ASP-ONE
reserves the right to add, subtract or amend the terms
of this agreement at any time upon twenty (20) days
notice. Such notice shall be given to the administrator
via e-mail and reflected in the SLA posted on the
ASP-One website.
1. Service Description
ASP-One co-locates the hosted services in an IBM data
center in Chicago, Illinois.
a. Physical Security and Environmental Control
This section describes how ASP-ONE protects the hosted
services against unauthorized physical access and the
threats of fire, power, temperature, humidity and other
physical forces.
Physical access to the data center is protected by
biometric security systems and strictly limited to
authorized ASP-ONE personnel. Other persons are admitted
only on an as needed basis (e.g., to maintain hardware
components) and only under supervision.
Environmental control provided by a redundant HVAC
system.
Data center protected by state-of-the art fire
prevention system.
Continuous power is supplied by battery backup systems
and redundant diesel generators.
b. Network Access and Security
This section describes how ASP-ONE protects the hosted
services against unauthorized network access and the
related security measures ASP-ONE takes to protect its
customers. It also contains some customer technical
requirements and certain premium services ASP-ONE
offers.
ASP-ONE uses Cisco routers and switches and NetScreen
firewalls.
ASP-One uses a redundant architecture and/or
enterprise level servers provided by IBM Corporation.
ASP-ONE configures each server with a switched one
hundred (100) Mbps Fast Ethernet connection. ASP-ONE
connects to multiple Internet backbones through OC3
lines, within a major telecommunications hub.
ASP-ONE supports 128-bit encryption via SSL (our
digital certificate is provided by VeriSign).
Customer Responsibilities:
Customers (or their agents) are responsible for
properly maintaining the functional operation of all
workstation equipment including connectivity to the
Internet.
Prior to alleging any connectivity problems, the
customer will verify that they are able to reach major
sites such as www.msn.com or www.yahoo.com.
Customer's Administrators must allow all software
required for Biz@Large® Service Manager (ASP-One
Administration Control Panel) to be installed on the
workstation.
Customer is responsible for configuration of their
Internet firewall to allow all necessary ports to be
used.
Premium Services:
For additional fees, ASP-ONE will be pleased to help its
customers establish:
A VPN (Virtual Private Network) connection to allow
network traffic to be encrypted to further protect
information traveling on the network.
A point-to-point network to construct a physically
dedicated connection to access applications.
a. Data Security
This section describes the significant measures ASP-ONE
takes to protect customer information and contains
important requirements for customers to follow to
further enhance data security:
All customer data is located on secure servers or
directories that require access authentication.
ASP-One installs third-party, anti-virus software on
its front-end SMTP servers which are utilized for the
Exchange service. This software is configured to check
all messages coming into and leaving the Exchange server
(Messages sent between mailboxes on the server are not
scanned) for viruses according to the virus-detecting
heuristics provided with the software. As a part of the
Anti-virus software service, these heuristics are
regularly updated. If a virus is detected, the message
is deleted. No notification is sent to either recipient
or sender of the message.
ASP-One employs RAID techniques to ensure the
integrity of the data on its servers.
All customer data is backed up to tape using ASP-ONE's
LTO and DLT tape library. ASP-ONE performs full tape
backups on a weekly basis and incremental backups daily.
Tapes are stored in an off-site location on a weekly
basis. Nightly incremental backups are retained for two
(2) weeks. Weekly backups are retained for three (3)
weeks.
NOTE: Nightly and weekly backups are performed for
disaster recovery purposes only.
ASP-One is not responsible for data loss resulting
from the failure or loss of the data storage or backup
media.
Customer Responsibilities:
The following customer requirements enhance data
security:
Customers must use discretion granting administrator
privileges.
Users must not share their login identifier or
password.
We recommend that users change their passwords at
least every forty-five (45) days.
Users must select passwords that are eight (8)
characters or longer that include a combination of upper
and lower case with mixed alpha and numeric text.
ASP-One advises customers to use up-to-date, local
anti-virus software. ASP-One is not responsible for
infection of end-user devices or lost or corrupted
messages due to anti-virus software running on the
Exchange server.
2. Service Availability
a. Coverage – Definitions
As used herein, the term "Service Availability" means
the percentage of a particular month (based on 24-hour
days and an assumed 30-day month) that access to
ASP-One’s data center network, shared hosted
applications, fully-managed customer servers and
customer's data is available
b. Guarantee
ASP-ONE will use commercial best efforts to provide
customers with 99.9% service availability relating to
its hosting.
Service Availability is calculated by the number of
hours the service is available to customers plus the
total number of hours, if any, the service is scheduled
to be unavailable, divided by the total number of hours
in that month
c. Penalty for non-compliance
Subject to Sections 2.d. and 2.e. below, if the Service
Availability is less than 99.9%, ASP-One will issue a
credit to customer in accordance with the following
schedule, with the credit being calculated on the basis
of the monthly service charge for the affected Services:
| Service Availability |
Credit Percentage |
| 99.9 to 100% |
0% |
| 98% to 99.8% |
10% |
| 95% to 97.9% |
25% |
| 90% to 94.9% |
50% |
| 89.9% or below |
100% |
d. Exceptions
Customer shall not receive any credits under this SLA in
connection with any failure or deficiency of Service
Availability caused by or associated with:
Circumstances beyond ASP-One's reasonable control,
including, without limitation, acts of any governmental
body, war, insurrection, sabotage, armed conflict,
embargo, fire, flood, strike or other labor disturbance,
interruption of or delay in transportation,
unavailability of or interruption or delay in
telecommunications or third party services, virus
attacks or hackers, failure of third party software
(including, without limitation, ecommerce software,
payment gateways, chat, statistics or free scripts) or
inability to obtain raw materials, supplies, or power
used in or equipment needed for provision of this SLA;
Failure of access circuits to the ASP-One Network,
unless such failure is caused solely by ASP-One;
Scheduled maintenance and emergency maintenance and
upgrades;
DNS issues outside the direct control of ASP-One;
Customer's acts or omissions (or acts or omissions of
others engaged or authorized by customer) including,
without limitation, custom scripting or coding (e.g.,
CGI, Perl, HTML, ASP, etc), any negligence, willful
misconduct, or use of the Services in breach of
ASP-One's Terms and Conditions
Outages elsewhere on the Internet that hinder access
to your account.
e. Credit Request and Payment Procedures
To receive a credit, the customer must make a request
therefore by sending an e-mail message to
accounting@asp-one.com. The e-mail message MUST include
the GroupID (Unique Organization ID defined by Customer
at signup) of the customer's account in the "Subject"
line. Each request in connection with this SLA must
include the dates and times of the unavailability of
customer's service and must be received by ASP-One
within ten (10) business days after the end of the
calendar month when customer's service was not
available. If the unavailability is confirmed by
ASP-One, credits will be applied against the next
billing cycle after ASP-One's receipt of the customer's
credit request.
Credits are not refundable and can be used only towards
outstanding or future billing charges.
Notwithstanding anything to the contrary herein, the
total amount credited to customer in a particular month
under this SLA shall not exceed the total hosting fee
paid by customer for such month for the affected
Services.
f. Scheduled Maintenance
To guarantee optimal performance of the Service, it is
necessary for ASP-One to perform routine maintenance on
the servers. Such maintenance often requires taking
servers off-line and are typically performed during
off-peak hours.
ASP-ONE reserves the right to plan a scheduled outage
with forty-eight (48) hours advance notice. ASP-ONE will
use commercial best efforts to schedule these outages at
non-peak hours and limit their occurrence to strictly
necessary upgrades and required maintenance.
Scheduled outages are broadcasted in the Network Status
page at www.asp-one.com or via e-mail to the designated
administrator of each customer.
It is the responsibility of the administrators to notify
all persons within their organizations of scheduled
outages.
3. Technical Support
This section describes how ASP-ONE maintains high
quality customer care to ensure customer satisfaction.
ASP-One technical support operates 24/7. ASP-ONE
provides a variety of ways for customers to request help
or otherwise make inquiries.
An online Support module may be used to report and
track issues. The online support can be accessed via
Biz@Large, ASP-One’s control panel at URL: www.bizatlarge.net.
24 x 7 telephone support (1-519-858-6251)
An online technical Knowledgebase is available at
anytime on ASP-One’s website (www.asp-one.com/support)
or through Biz@Large (www.bizatlarge.net).
NOTE: Access to Technical Support is limited to
designated administrator(s) for Customer.
Administration permissions can be defined or updated
through the Biz@Large control panel.
Severity categories and response times are as follows:
Severity #1 - assigned to outages that keep a business
from being able to access one or all of their
applications.
Severity #2 - assigned to a situation that slows an
organization's response time or limits the functions of
one of the applications.
Severity #3 - assigned to a general question or requests
for enhancement.
| Description |
Severity #1 |
Severity #2 |
Severity #3 |
| Status Updates |
2 hours |
24 hours |
5 business days |
| Third Party Vendor Coordination |
Yes |
Limited |
As needed |
| ASP1 Management Elevation [2] |
Yes |
As needed |
As needed |
| Resolution report identifying the cause of the problem |
Yes |
Yes |
As needed |
If ASP-ONE fails to comply with the response procedures
described above, it will give affected customers a full
day's credit.
Customer Responsibilities:
It will be the Customer's responsibility to maintain
current profile information for their administrators
using the Biz@Large control panel in order to receive
notifications, which are made via e-mail.
4. Billing inquiries
Billing inquiries should be sent to
accounting@asp-one.com.
All inquiries regarding subscription of new accounts or
addition of services should be addressed to
sales@asp-one.com.
5. Business Continuity Provision
In the event that ASP-ONE is unable to continue service
to Customer, ASP-ONE will use commercial best effort to
provide no less than two (2) weeks of interim service.
During this period, ASP-ONE will provide access to and
at no cost the most current data backups, as well as all
necessary information, including application settings
and utilities, in order to facilitate a transition of
Customer's service to another provider or in-house
implementation
[1] ASP-ONE Management Elevation escalates customer
issues through progressive levels of ASP-ONE management
as follows: 1st elevation - supervisor of help-desk
support 2nd elevation - Customer Service Manager
(department level manager) 3rd elevation - Director of
Technology (senior management representative) 4th
elevation - CEO (or another officer of the company).
|
|
 |
